<p>Defence Signals Directorate ISIDRAS – IT Security Incident Reporting Form</p><p>1. CLASSIFICATION DETAILS  Classification of incident report: ______ Classification of system attacked: ______ ISIDRAS category: 1 (N.B Does not need to be reported) 2 3 4 </p><p>2. CONTACT DETAILS  Agency Name ______Street no. ______Street Name ______ Address Suburb/City ______State _____ Postcode _____  Reporting Officer Name ______Ph _____ Fax ______Position ______Mobile _____ E-Mail _____  Alternate Contact Name ______Ph _____ Fax ______</p><p>3. ASSISTANCE REQUIRED  The Information Security Group at the Defence Signals Directorate (DSD) can assist you with incident containment, eradication, recovery and follow up. Please indicate your agency’s interests: Advice only Investigation by DSD Forensic analysis Log analysis IT security review Policy review Other (Please specify)</p><p>4. INCIDENT TIMING Date incident started ______DD/MM/YY Time _____ 24 Hours Date incident identified ______DD/MM/YY Time _____ 24 Hours Is the incident continuing? YES NO Date incident stopped ______5. INCIDENT TYPE  Select the Incident Type and give details Hacking via public network Hacking from internal/private network Theft Server compromise Website defacement Equipment loss Software piracy Wilful misuse </p><p>Port scan Give details including source IP address and ports Denial of service Virus/Worm/Trojan Root kit or Warez tool</p><p>6. INCIDENT STATUS  Select one status Suspected Unsuccessful Successful Accidental Deliberate</p><p>7. INCIDENT CAUSE  Select one cause or provide details Natural disaster Outsider Staff Unknown Other</p><p>Contractor</p><p>8. INCIDENT IMPACT  Select an impact or provide details Confidentiality compromise Availability affected Content stolen Content altered Other </p><p>9. AFFECTED SYSTEM  Select a system or provide details Router Firewall PC Mainframe Server Please specify type ______</p><p>Other 10. OTHER COMMENTS Please consider the following and provide as much detail as you can  Rate the sophistication of the incident  Can you identify the attacker?  What action has been taken to prevent recurrence?</p><p>11. REPORTING INSTRUCTIONS  Complete and unclassified forms can be Posted to: ISIDRAS Information Security Group Locked Bag 5076 KINGSTON ACT 2604 Faxed to +61 2 6265 0328  Unclassified details can also be relayed to the Information Security Group via E-mail: [email protected] Telephone: +61 2 6265 0197  Classified details should be relayed in accordance with handling procedures outlined in the Protective Security Manual. Information provided remains confidential within DSD and is never disseminated except in aggregate.</p>